package com.taikang.auth.controller;

import java.util.List;
import java.util.Map;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

import com.taikang.auth.entity.Depart;
import com.taikang.auth.entity.Right;
import com.taikang.auth.entity.Role;
import com.taikang.auth.entity.User;
import com.taikang.auth.service.IDepartService;
import com.taikang.auth.service.IRightService;
import com.taikang.auth.service.IRoleService;
import com.taikang.auth.service.IUserService;
import com.taikang.base.constant.SessionConstant;
import com.taikang.base.controller.BaseController;
import com.taikang.base.util.EncryptUtil;

/**
 * 后台登录
 * @creator     taikang
 * @create-time Jun 19, 2015   11:32:24 AM
 * @version 1.0
 */
@Controller("adminLoginController")
@Scope("prototype")
@RequestMapping(value = "/admin")
public class AdminLoginController extends BaseController{
	
	@Resource(name = "userServiceImpl")
	private IUserService userService;
	@Resource(name = "rightServiceImpl")
	private IRightService rightService;
	@Resource(name = "roleServiceImpl")
	private IRoleService roleService;
	@Resource(name = "departServiceImpl")
	private IDepartService departService;
	
	/**
	 * 后台首页
	 * @return
	 */
	@RequestMapping(value = "/index.htm", method = RequestMethod.GET)
	public ModelAndView home(HttpServletRequest request,HttpServletResponse response) {
		ModelAndView modelAndView = new ModelAndView();
		modelAndView.setViewName("/admin/index/index");
		
		User user = userService.getCurrentUser();
		//构造用户权限JSON数据
		String rightJsonStr = rightService.buildUserRightJSONStr(user);
		List<Right> rights = rightService.buildUserRights(user);
		Map<String,Object> data = modelAndView.getModel();
		data.put(SessionConstant.CURRENT_PRIVILEGE, rightJsonStr);
		request.getSession().setAttribute("RightButton", rights);
		return modelAndView;
	}
	
	/**
	 * 欢迎页
	 * @return
	 */
	@RequestMapping(value = "/welcome.htm", method = RequestMethod.GET)
	public String welcome() {
		return "/admin/workbench/welcome";
	}

	/**
	 * 跳转到登录页面
	 * @return
	 */
	@RequestMapping(value = "/login.htm", method = RequestMethod.GET)
	public String toLogin(HttpServletRequest request) {
		//判断用户
		User user = userService.getCurrentUser();
		if(null != user){
			return "redirect:/admin/index.htm";
		}
		
		return "/admin/login/login";
	}
	
	/**
	 * 登录
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping(value = "/doLogin.htm", method = RequestMethod.POST)
	public ModelAndView doLogin(HttpServletRequest request,HttpServletResponse response) {
		try{
			String p1 = request.getParameter("p1");	//账号
			String p2 = request.getParameter("p2");	//密码
			
			//2.判断用户名和密码
			User user = userService.getUserByAccount(p1);
			if(null == user){
				return ajaxJSON(Status.error, "用户名不存在");
			}
			
			if(!org.apache.commons.lang3.StringUtils.equals(user.getPassword(), EncryptUtil.encryptionPw(p2))){
				return ajaxJSON(Status.error, "用户名或密码不正确");
			}
			
			if(null != user.getState() && user.getState().intValue() == 2){
				return ajaxJSON(Status.error, "账号已被禁用");
			}
			
			//查询用户权限
			List<Role> roleList = roleService.listRoleByUserId(user.getId());
			user.setRoleList(roleList);
			//查询部门
			List<Depart> departList = departService.listDepartByUserId(user.getId());
			user.setDepartList(departList);
			//3.校验通过，保存信息
			request.getSession().setAttribute(SessionConstant.CURRENT_USER, user);
			
			return ajaxJSON(Status.success, "登录成功");
		}catch(Exception ex){
			String msg = "登录时发生异常："+ex.getMessage();
			logger.error(msg,ex);
			
			return ajaxJSON(Status.error, "登录失败");
		}
	}
	
	/**
	 * 登出
	 * @param request
	 * @param response
	 * @return
	 */
	@RequestMapping(value = "/logout.htm", method = RequestMethod.GET)
	public String logout(HttpServletRequest request,HttpServletResponse response) {
		HttpSession session = request.getSession();
		session.removeAttribute(SessionConstant.CURRENT_USER);
		session.invalidate();
		
		return "redirect:/admin/login.htm";
	}
	
}
